From owner-freebsd-isp  Thu Feb 15 04:25:20 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id EAA28412
          for isp-outgoing; Thu, 15 Feb 1996 04:25:20 -0800 (PST)
Received: from guardian.fortress.org (fortress.org [199.84.158.128])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id EAA28406
          for <freebsd-isp@freebsd.org>; Thu, 15 Feb 1996 04:25:15 -0800 (PST)
Received: (from andrew@localhost) by guardian.fortress.org (8.6.12/8.6.12) id HAA16897; Thu, 15 Feb 1996 07:25:19 -0500
Date: Thu, 15 Feb 1996 07:25:18 -0500 (EST)
From: Andrew Webster <andrew@fortress.org>
Reply-To: andrew@pubnix.net
To: "Miguel A.L. Paraz" <map@iphil.net>
cc: freebsd-isp@freebsd.org
Subject: Re: RADIUS
In-Reply-To: <199602150444.MAA08392@marikit.iphil.net>
Message-ID: <Pine.BSF.3.91.960215072031.11276P-100000@guardian.fortress.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
Precedence: bulk

On Thu, 15 Feb 1996, Miguel A.L. Paraz wrote:

> Andrew Webster wrote:
> 
>  
> > Is there anyone working on RADIUS support for FreeBSD so that it can be 
> > used as a smart terminal server?
> 
> Yes, I am going to put some work into this.
> 
> I already have the Livingston radiusd with the SLIP/CSLIP/PPP
> patches installed, plus some other patches of my own.  This
> already works with a Portmaster that I borrowed, for reference
> purposes.
> 
> I also have the RADIUS client login for Linux, and will study how it
> can be nicely injected into the BSD login - replacing
> the getpwent() call with a RADIUS authentication request.  This Linux
> code does not support RADIUS accounting; I plan to put that in
> by taking it backwards from the server code.

Sounds like you are ahead of the game with the work you've already done!

> 
> Along this line, I previously asked for suggestions on good
> multiport cards to use for FreeBSD.  I also plan to stick a 
> sync serial board to make the system a one-box solution
> for ISPs.

I use a pair of Digipoard PC/8 cards with 16550uarts, ports are running 
at 38400 and 57600 on a P-100 system which is acting as a new server and 
virtual host box for PubNIX Montreal.

Works great.  I am interested in RADIUS as a method to try and get the 
user database under one roof.

> I would appreciate advice on how to use such a system where
> user accounts are divided between different boxes.  Would
> NIS/NIS+ do it?  Or perhaps, a distributed RADIUS system
> like in the (complicated) Merit radiusd?

You can use NIS systems for this and have a radius "server" on some 
corner of your network.  I haven't had much luck with NIS on freebsd.  It 
works about 90%.  I may have overlooked something during the setup, but 
users can't change their passwords when runnning NIS!


Andrew Webster  - andrew@pubnix.net - http://www.pubnix.net
PubNIX Montreal - Connected to the world - Branche au monde
 514-990-5911   - P.O. Box 147, Cote St-Luc, Quebec, H4V 2Y3